Denial of Service Attacks Against grc.com
http://grc.com/dos/intro.htm
submitted by Emerald Jones, ejones@vcnet.com
During the first few weeks of May, GRC.COM was the target of several distributed denial of service (DDoS) attacks launched by a 13-year-old hacker using a tool he did not write. Using this tool, "Wicked" commanded multiple sustained attacks from 474 security-compromised Windows-based PC's. The whole tale turned into a pretty good read, and is something I imagine you may enjoy. You can read the entire page online on our web site, or you can download the PDF file for offline reading or printing.


The page on our site: http://grc.com/dos/grcdos.htm
The PDF file:  http://media.grc.com:8080/files/grcdos.pdf

Windows XP:
The experience with Windows-based denial of service attacks focused my attention on Microsoft's planned release of Windows XP with its planned inclusion of "Full Raw Socket" support. Full raw sockets are a powerful and dangerous Internet API that exists in all Unix-based operating systems. But under Unix they are deliberately protected by the rigorous requirement for "root" privilege. (Similar to Microsoft's "Administrative" privilege.) However Microsoft has done away with this distinction in the Home Edition of Windows XP which threatens to populate the world with a needlessly dangerous capability.

Microsoft and I have been arguing about this quite a lot recently. Last Thursday, this culminated in an eight-way telephone conference:

My page explaining the XP threat: http://grc.com/dos/winxp.htm
About our phone conference: http://grc.com/dos/xpconference.htm

The new GRC News server:
The denial of service attacks adversely affected our Windows- based newsgroup server forcing us to give up on it and switch to a Unix-based solution. That machine has a different name and IP address. If you were using the news server at "grc.com" and IP address of [207.71.92.193] please change your news reader to connect to "news.grc.com" at the IP address of [207.71.92.194].

Our new "grc.spoofarino" newsgroup is the place to discuss Denial of Service attacks, Windows XP, and related matters! See you there!

Our new Media page:
Since I last wrote, we finally got the video clips from my various appearances on ZDTV and TechTV online.  Those who are interested may find a page describing their format and an index to them here: http://grc.com/media.htm

A new ShieldsUP! coming soon:
In preparation for the "Spoofarino" freeware (mentioned at the bottom of the long DoS report page) we will be bringing the GRC NanoProbe technology over to the main GRC server for the first time. Our existing ShieldsUP! security evaluation system will receive its first significant upgrade since its introduction.

As soon as it's ready for your testing I'll let you know!
Thank you for your time. I hope this has been useful to you.
Steve Gibson http://grc.com/GRC Website

Enter your e-mail address to receive e-mail when this page is updated.
Your Internet e-mail address:


Send eMail to Webmaster
1983-2001 Simi Valley Computer Users Group All Rights Reserved
Last updated: 7/22/2001